General

  • Target

    a564910112b33b769485254ae891a16cbb5b91ad5a099408e290658698edc81a

  • Size

    268KB

  • Sample

    220205-n2bjbabcdl

  • MD5

    1d94cc32838b73795b6578564b80905a

  • SHA1

    efebe3b5f72975a95d86d31f0bc83f50815cc013

  • SHA256

    a564910112b33b769485254ae891a16cbb5b91ad5a099408e290658698edc81a

  • SHA512

    ffe09f26feb1193bb5a656bd8cf6c269b0d0eadb099239ddef64ea927ad80012d9395afe5cca0b64f065f3a84901acaa1799adb33718bb2716c3ba59b79e631e

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214131

Targets


    • Gozi, Gozi IFSB

      Gozi ISFB is a well-known and widely distributed banking trojan.

    • suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)

